Should I remove “Malware.AI.4247288144”?

Malware.AI.4247288144 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4247288144 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Deletes its original binary from disk
  • Created a process from a suspicious location
  • Steals private information from local Internet browsers
  • Spoofs its process name and/or associated pathname to appear as a legitimate process
  • CAPE detected the Loki malware family
  • Creates a copy of itself
  • Harvests credentials from local FTP client softwares
  • Harvests information related to installed instant messenger clients
  • Harvests information related to installed mail clients
  • Collects information to fingerprint the system

How to identify Malware.AI.4247288144?

File Info:

name: F8BF1D1A116DFAC56258.mlw
path: /opt/CAPEv2/storage/binaries/f53bc46a9009d6a514774eda324f85efc23f9f3273a07f206446109c1be74c71
crc32: 31C387D3
md5: f8bf1d1a116dfac562587cd1dafa98c5
sha1: b2ac6d81833c84b97fd7b2942173238b104a5c94
sha256: f53bc46a9009d6a514774eda324f85efc23f9f3273a07f206446109c1be74c71
sha512: b6a5c4a6902784a8add53eb8542cd415ae810448ccfb9441ef37cce1945023d52d26fad153a5ce1ca9f7edef89d6e43178d93e5a8ddf29cd86c3f4c05ff1eff1
ssdeep: 6144:dQqtWNUBe4CiJjcpiGX/py261hQMdKXeNm37d73ZlWXvXZRAZJrwpiZYZkAUnbMh:U4CiFA61hQ+KX/R3ZlGZiZF+ZkAlPp
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DD9401AB32A0D0B7D9A587B255AFD2726B64F39A7201259B7340DBEF74C4038930F725
sha3_384: c0b7c9792a3abba095d843e3a47c605d54894310d4b4fe63ca21bea19b0ab5eaf622d95957e6584adfd4c7cdb11d1470
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:41

Version Info:

0: [No Data]

Malware.AI.4247288144 also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.Loader.834
FireEye: Trojan.GenericKD.37030993
McAfee: Artemis!F8BF1D1A116D
Cylance: Unsafe
Zillya: Trojan.Noon.Win32.16882
Sangfor: Riskware.Win32.Agent.ky
K7AntiVirus: Trojan ( 0057d8901 )
Alibaba: TrojanSpy:Win32/Stelega.f31b9104
K7GW: Trojan ( 0057d8901 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/Ninjector.J.gen!Camelot
Symantec: Trojan.Gen.2
ESET-NOD32: NSIS/Injector.ALN
TrendMicro-HouseCall: TROJ_GEN.R002C0DLA21
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan-Spy.Win32.Noon.gen
BitDefender: Trojan.GenericKD.37030993
MicroWorld-eScan: Trojan.GenericKD.37030993
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan-spy.Noon.Efkx
Ad-Aware: Trojan.GenericKD.37030993
Emsisoft: Trojan.GenericKD.37030993 (B)
Comodo: Malware@#1f6gd7vejk6jk
VIPRE: Win32.Malware!Drop
TrendMicro: TROJ_GEN.R002C0DLA21
McAfee-GW-Edition: BehavesLike.Win32.Dropper.gc
Sophos: Mal/Generic-R
GData: Trojan.GenericKD.37030993
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1143688
Kingsoft: Win32.Troj.Undef.(kcloud)
ViRobot: Trojan.Win32.Z.Wacatac.412349
Microsoft: Trojan:Win32/Stelega.KZ!MTB
SentinelOne: Static AI – Suspicious PE
VBA32: TrojanSpy.Noon
ALYac: Trojan.GenericKD.37030993
Malwarebytes: Malware.AI.4247288144
APEX: Malicious
Rising: Trojan.Injector/NSIS!1.D6F5 (CLASSIC)
MAX: malware (ai score=89)
Fortinet: NSIS/Ninjector.J!tr
AVG: Win32:Trojan-gen
Cybereason: malicious.1833c8
Panda: Trj/CI.A

How to remove Malware.AI.4247288144?

Malware.AI.4247288144 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
